Thales eSecurity Blog

MicroServices: Today’s data science gold rush

Sol Cates
Sol Cates | VP, Research and Technology More About This Author >

Microservices are changing how organizations are doing business. And nowhere was this more clear than at KubeCon in San Diego last year.

Microservices1 are the kernel for modern cloud architecture, and is going to drive how people build, manage and deploy secure apps. This technology is changing the game for a lot of organizations, especially users and platform providers.

At this level, microservices are cloud native. You’re able to create very powerful technologies by taking things off the shelf and slapping them together. And the ecosystem that’s going to drive all this will need to address old challenges, such as security, identity, and logging, with new tools. But we also have completely new problems, such as secrets management and protection, that we need to address.

To make all this happen, there’s a lot of education, tooling, technology, and transformation that’s happening, which is why there was so much excitement in the air at KubeCon.

My key takeaways from KubeCon

Security

In microservices, security is seen as an integration decision. You can build security into your cloud-native offerings, whether services, networks, or architecture. In numerous keynotes, security was highlighted in terms of bringing it into the microservices framework as a part of the blueprint. One of the things that’s nice about this new world, is you don’t have to care about owning, managing, or solving every problem anymore, and it makes it easy to get common services in your applications(bye, bye monoliths!). You can ride on a platform and get a lot of cool capabilities for free. And, whether you go the platform way, make your own, or buy from industry vendors, you have lots of options as a customer. You can choose your own journey as to how you want to get into cloud native. It’s evolving very quickly, so the options are everywhere. This also means buyers are scratching their heads trying to figure out what they need.

Meanwhile, the security practitioners are trying to figure this all out. They’re trying to understand:

  • How their old tools work in this new world, if at all
  • What new tools they need to solve the old problems in the new world
  • What are the new things they’ll need to do that they didn’t have to do before

1For more on microservices check out two of my earlier blogs, “Securing Microservices,” and “Seven Microservices Identity Questions to Secure your Data.

Accelerating velocity

The velocity is insane in this market. I heard over and over in the keynotes that microservices were generating extraordinary acceleration in development, changing how things get done, and letting teams move fast, because they no longer have to do things that don’t add value.

I estimate KubeCon attendance this year (12,000 according to various reports) was three to four times the size it was just a few years ago. There was a massive audience at the keynotes, which included fun, fresh content. The big three cloud providers— Amazon, Google and Microsoft—all had major presences. There is a lot of incentive for them to make the cloud-native experience—Kubernetes and the things that plug into it– seamless and frictionless.

The CSP angle

The technology, the developers, and the vendors are quickly colliding and you have to wonder who’s solving what problem? Buyers are looking at this new, emerging market of vendors and tools and are trying to piece together what they need to achieve their business goals. The cloud service providers are trying to make that decision simple for buyers: “Use our platform, and we’ll make it nice and easy for you, and we’ll plug in best practices for you.”

Summary

Microservices are very high-end, enabling technology to get teams to their goal quickly. And it’s happening. You could definitely feel the buzz at KubeCon. It’s exciting. It’s the next data science gold rush!